package com.xiaowen.config.security;


import com.xiaowen.config.filter.JWTAuthenticationFilter;
import com.xiaowen.config.filter.SmsCodeAuthenticationFilter;
import com.xiaowen.redis.RedisUtils;
import com.xiaowen.user.service.UserService;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Bean;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.config.http.SessionCreationPolicy;
import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;
import org.springframework.stereotype.Component;

/**
 * Created with IntelliJ IDEA.
 * User: yf-wenhao
 * Date: 2024/9/18
 * Time: 下午5:26
 */
@Component
public class SpringSecurityConfig extends WebSecurityConfigurerAdapter {



    @Autowired
    private MyAuthenticationFailureHandler myAuthenticationFailureHandler;
    @Autowired
    private MyAuthenticationSuccessHandler myAuthenticationSuccessHandler;
    @Autowired
    private AuthenticationEntryPointImpl authenticationEntryPoint;
    @Autowired
    private UserService userService;
    @Autowired
    private RedisUtils redisUtils;
//    @Autowired
//    private SmsCodeValidateFilter smsCodeValidateFilter;
//    @Autowired
//    private SmsCodeAuthenticationProvider smsCodeAuthenticationProvider;


    @Bean
    public SmsCodeAuthenticationFilter smsCodeAuthenticationFilter() throws Exception {
        SmsCodeAuthenticationFilter smsCodeAuthenticationFilter = new SmsCodeAuthenticationFilter();
        smsCodeAuthenticationFilter.setAuthenticationManager(super.authenticationManager());
        smsCodeAuthenticationFilter.setRedisUtils(redisUtils);
        smsCodeAuthenticationFilter.setAuthenticationSuccessHandler(myAuthenticationSuccessHandler);
        smsCodeAuthenticationFilter.setAuthenticationFailureHandler(myAuthenticationFailureHandler);
        return smsCodeAuthenticationFilter;
    }




    @Override
    protected void configure(HttpSecurity http) throws Exception {
        http.csrf().disable().cors().and()
        // 开启请求的权限管理
        .authorizeRequests()
                .mvcMatchers("/login/**").anonymous()//除去login接口
                .antMatchers("/favicon.ico").permitAll()
                .anyRequest().authenticated() //任何人进来都需要授权
                .and()
        .sessionManagement()
                .sessionCreationPolicy(SessionCreationPolicy.STATELESS).and()//关闭session管理
        .exceptionHandling()  //配置权限认证失败逻辑
                .authenticationEntryPoint(authenticationEntryPoint)
                .accessDeniedHandler(new CustomAccessDeniedHandler()); // 使用自定义的AccessDeniedHandler

        // 将loginFilter过滤器添加到UsernamePasswordAuthenticationFilter过滤器所在的位置
        http.addFilterAt(smsCodeAuthenticationFilter(), UsernamePasswordAuthenticationFilter.class);
        // 添加自定义的过滤器-基本认证过滤器，让每个请求都得经过jwt认证...
        http.addFilter(new JWTAuthenticationFilter(super.authenticationManager(), userService));


    }



}
